[jboss-jira] [JBoss JIRA] (WFCORE-2766) Application server must be reloaded when is updated credential reference of credential store. There isn't any information that it needs reload.
Yeray Borges (JIRA)
issues at jboss.org
Fri Jun 2 09:58:00 EDT 2017
[ https://issues.jboss.org/browse/WFCORE-2766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13415698#comment-13415698 ]
Yeray Borges commented on WFCORE-2766:
--------------------------------------
The was discussed with [~pskopek] arriving at the following conclusions:
* There might be different implementations of CS API which could be dynamically changed from outside and the reload not be required from WF point
* Mark as reload-required resources which are referring other CS will create a mess between resources (e. g. resources being referred by other CS, which are being referred by other CS ...), even if they are fine because contain the same passwords.
* Reloading on each alias update/remove of any CS, even if they are not being referred, is not an ideal situation
For these reasons, is left to the user to take the decision if he needs to reload or doesn't after update an alias.
This issue will be resolved once these two issues are merged: WFCORE-2426 and WFCORE-2867
Once those issues are merged, at least if the user updates the credential-reference of one CS, a reload will be required.
> Application server must be reloaded when is updated credential reference of credential store. There isn't any information that it needs reload.
> -----------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-2766
> URL: https://issues.jboss.org/browse/WFCORE-2766
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Hynek Švábek
> Assignee: Yeray Borges
>
> Application server must be reloaded when is updated credential reference of credential store. There isn't any information that it needs reload.
> In model is "restart-required" => "no-services" and credential-reference update operation ends with success message without any information about reload.
> {code:collapse}
> "credential-reference" => {
> "type" => OBJECT,
> "description" => "Credential reference to be used to create protection parameter.",
> "expressions-allowed" => false,
> "required" => true,
> "nillable" => false,
> "access-constraints" => {"sensitive" => {"credential" => {"type" => "core"}}},
> "value-type" => {
> "store" => {
> "type" => STRING,
> "description" => "The name of the credential store holding the alias to credential.",
> "expressions-allowed" => false,
> "required" => false,
> "nillable" => true,
> "capability-reference" => "org.wildfly.security.credential-store",
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "alias" => {
> "type" => STRING,
> "description" => "The alias which denotes stored secret or credential in the store.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "type" => {
> "type" => STRING,
> "description" => "The type of credential this reference is denoting.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "clear-text" => {
> "type" => STRING,
> "description" => "Secret specified using clear text. Check credential store way of supplying credential/secrets to services.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> }
> },
> "access-type" => "read-write",
> "storage" => "configuration",
> "restart-required" => "no-services"
> },
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list